Security and privacy requirements for a multi-institutional cancer research data grid: an interview-based study

Rebecca Crowley and colleagues propose that academic health centers can and should lead the transition towards a culture of biomedical data sharing.

To develop software infrastructure that will provide support for discovery, characterization, integrated access, and management of diverse and disparate collections of information sources, analysis methods, and applications in biomedical research. An enterprise Grid software infrastructure, called caGrid version 1.0 (caGrid 1.0), has been developed as the core Grid architecture of the NCI-sponsored cancer Biomedical Informatics Grid (caBIG) program. It is designed to support a wide range of use cases in basic, translational, and clinical research, including 1) discovery, 2) integrated and large-scale data analysis, and 3) coordinated study. The caGrid is built as a Grid software infrastructure and leverages Grid computing technologies and the Web Services Resource Framework standards. It provides a set of core services, toolkits for the development and deployment of new community provided services, and application programming interfaces for building client applications. The caGrid 1.0 was released to the caBIG community in December 2006. It is built on open source components and caGrid source code is publicly and freely available under a liberal open source license. The core software, associated tools, and documentation can be downloaded from the following URL: https://cabig.nci.nih.gov/workspaces/Architecture/caGrid. While caGrid 1.0 is designed to address use cases in cancer research, the requirements associated with discovery, analysis and integration of large scale data, and coordinated studies are common in other biomedical fields. In this respect, caGrid 1.0 is the realization of a framework that can benefit the entire biomedical community.

Honest broker services are essential for tissue- and data-based research. The honest broker provides a firewall between clinical and research activities. Clinical information is stripped of Health Insurance Portability and Accountability Act-denoted personal health identifiers. Research material may have linkage codes, precluding the identification of patients to researchers. The honest broker provides data derived from clinical and research sources. These data are for research use only, and there are rules in place that prohibit reidentification. Very rarely, the institutional review board (IRB) may allow recontact and develop a recontact plan with the honest broker. Certain databases are structured to serve a clinical and research function and incorporate 'real-time' updating of information. This complex process needs resolution of a variety of issues regarding the precise role of the HB and their interaction with data. There also is an obvious need for software solutions to make the task of deidentification easier. The University of Pittsburgh has implemented a novel, IRB-approved mechanism to address honest broker functions to meet the specimen and data needs of researchers. The Tissue Bank stores biologic specimens. The Cancer Registry culls data and annotating information as part of state- and federal-mandated functions and collects data on the clinical progression, treatment, and outcomes of cancer patients. The Cancer Registry also has additional IRB approval to collect data elements only for research purposes. The Clinical Outcomes Group is involved in patient safety and health services research. Radiation Oncology and Medical Oncology provide critical treatment related information. Pathology and Oncology Informatics have designed software tools for querying availability of specimens, extracting data, and deidentifying specimens and annotating data for clinical and translational research. These entities partnered and submitted a joint IRB proposal to create an institutional honest broker facility. The employees of this conglomerate have honest broker agreements with the University of Pittsburgh and the Medical Center. This provides a large group of honest brokers, ensuring availability for projects without any conflict of interest. The honest broker system has been an IRB-approved institutional entity at the University of Pittsburgh since 2003. The honest broker system currently includes 33 certified honest brokers encompassing the multiple partners of this system. The honest broker system has handled >1600 requests over the past 4 years with a 25% increase in volume each year. The current results indicate that the collaborative honest broker model described herein is robust and provides a highly functional solution to the specimen and data needs for critical clinical and translational research activities.